Title:Thoughts on child safety on commodity platforms

Abstract:The explosion of global social media and online communication platforms has changed how we interact with each other and as a society, bringing with it new security and privacy challenges. Like all technologies, these platforms can be abused and they are routinely used to attempt to cause harm at scale. One of the most significant offence types that is enabled by these platforms is child sexual abuse - both scaling existing abuse and enabling entirely new types of online-only abuse where the impacts on the victim are equally catastrophic. Many platforms invest significantly in combating this crime, referring confirmed evidence of illegality to law enforcement. The introduction of end-to-end encryption and similar technologies breaks many of the mitigations in place today and this has led to a debate around the apparent dichotomy of good child safety and good general user privacy and security. This debate has concentrated on the problem of detecting offenders sharing known abuse imagery using a technique known as client side scanning. We will show that the real problem of online child sexual abuse is much more complex than offender image sharing, providing a new set of 'harm archetypes' to better group harms into categories that have similar technical characteristics and, as far as we are able, bring more clarity to the processes currently used by platforms and law enforcement in relation to child sexual abuse content and the real world impacts. We explore, at a high level, a variety of techniques that could be used as part of any potential solution and examine the benefits and disbenefits that may accrue in various use cases, and use a hypothetical service as an example of how various techniques could be brought together to provide both user privacy and security, while protecting child safety and enabling law enforcement action.